General
Target: 6112c72912e12d7f3490641386adf720.exe
Size: 309KB
Sample: 210929-ev5n5sdfgl
MD5: 6112c72912e12d7f3490641386adf720
SHA1: 0e9e723ef7f189d679caeda6ea9444ecf1c104b9
SHA256: ac098ff6d0aab414dad2bce4a4a21ade100a6d4921bf90c7890409b8d37dea05
SHA512: 1df7a0f7c87bbf1938b0130495247a41f1872c52a8f78b921ebcf564f86a0c3447e948ee7bd5a7db403651186febe6f2d40dc5ae7a803b17484247cf9e4b0495
Static task: static1
Behavioral task: behavioral1
Sample: 6112c72912e12d7f3490641386adf720.exe
Resource: win7-en-20210920
Malware Config
Extracted
redline
2k ruzzki
narlelalik.xyz:12509
Targets
Target: 6112c72912e12d7f3490641386adf720.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.